Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-01 | CVE-2024-28200 | Improper Authentication vulnerability in N-Able N-Central 2023.4/2023.6/2023.7 The N-central server is vulnerable to an authentication bypass of the user interface. | 9.8 |
| 2024-06-26 | CVE-2024-27867 | Improper Authentication vulnerability in Apple products An authentication issue was addressed with improved state management. | 4.3 |
| 2024-06-25 | CVE-2024-5012 | Improper Authentication vulnerability in Progress Whatsup Gold In WhatsUp Gold versions released before 2023.1.3, there is a missing authentication vulnerability in WUGDataAccess.Credentials. | 8.6 |
| 2024-06-25 | CVE-2024-37085 | Improper Authentication vulnerability in VMWare Cloud Foundation and Esxi VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD. | 7.2 |
| 2024-06-25 | CVE-2024-5805 | Improper Authentication vulnerability in Progress Moveit Gateway 2024.0 Improper Authentication vulnerability in Progress MOVEit Gateway (SFTP modules) allows Authentication Bypass.This issue affects MOVEit Gateway: 2024.0.0. | 9.1 |
| 2024-06-14 | CVE-2024-37367 | Improper Authentication vulnerability in Rockwellautomation Factorytalk View 12.0/13.0 A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE v12. | 7.5 |
| 2024-06-13 | CVE-2024-22441 | Improper Authentication vulnerability in HPE Cray Parallel Application Launch Service HPE Cray Parallel Application Launch Service (PALS) is subject to an authentication bypass. | 9.8 |
| 2024-06-10 | CVE-2022-45168 | Improper Authentication vulnerability in Liveboxcloud Vdesk An issue was discovered in LIVEBOX Collaboration vDesk through v018. | 6.5 |
| 2024-06-06 | CVE-2024-5658 | Improper Authentication vulnerability in Born05 Two-Factor Authentication The CraftCMS plugin Two-Factor Authentication through 3.3.3 allows reuse of TOTP tokens multiple times within the validity period. | 6.5 |
| 2024-06-05 | CVE-2023-50804 | Improper Authentication vulnerability in Samsung products An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. | 5.3 |